Compliance guides

Practical, no-fluff guides to compliance documentation for ISO 27001, SOC 2, GDPR and NIS2 — written for SMEs getting audit-ready.

16 Jun 2026·6 min read

GDPR Record of Processing Activities (ROPA): a practical guide

What a ROPA is, when Article 30 requires one, exactly what to include, and how to build and maintain it without drowning in spreadsheets.

GDPRROPAdata protection

10 Jun 2026·8 min read

NIS2 compliance for SMEs: a practical checklist

What the NIS2 Directive requires of smaller EU organizations — scope, the risk-management measures, incident-reporting deadlines, and a step-by-step checklist.

NIS2cybersecurityEUchecklist

2 Jun 2026·7 min read

ISO 27001 mandatory documents: the complete 2022 checklist

The documented information ISO/IEC 27001:2022 actually requires — the mandatory records, the key Annex A policies, and how to produce them fast.

ISO 27001ISMSdocumentation